Author Topic: Internet help please (Read 397 times)

x_breath_x · « **on:** February 13, 2009, 11:48:47 PM »

hello for some reason i think my internet wont work on my other computer because of something i may have opened, i slightly think i may have a worm, i did i hijack log so that you could look.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:45:59 PM, on 2/13/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo.com/config/login_verify...mp;pkg=&owd=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Quick Macros] "C:\Program Files\Quick Macros 2\qm.exe" S
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.donutdoors.com
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl.sun.com/webapps/download/AutoDL?BundleId=26688
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. http://www.bitdefender.com - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe

--
End of file - 7904 bytes

guestolo · « **Reply #1 on:** February 14, 2009, 11:26:08 AM »

It doesn't appear to be anything malicious in that log
What steps are you performing to transfer files between this and that computer
USB Thumbdrive, etc...?

x_breath_x · « **Reply #2 on:** February 14, 2009, 11:40:00 AM »

yes i am using a usb 8gb disk drive or whatever, just the tiny little things.

i think if you cant find anything wrong ill go get a new ethernet cable and try it.

guestolo · « **Reply #3 on:** February 14, 2009, 12:00:59 PM »

Let's try the following
First, download and save to your Thumbdrive
Malwarebytes' Anti-Malware from Here or Here

In addition, download the latest database from HERE and save it to the thumbdrive

Download [color=\"blue\"]random's system information tool (RSIT)[/color] by [color=\"#6600cc\"]random/random[/color] from >>[color=\"red\"]here[/color]<< and save it to your thumbdrive

Transfer the programs and the database updates to the desktop of the computer offline

First, install Malwarebytes' Anti-Malware
Double Click mbam-setup.exe to install the application.

UNTICK both [color=\"#006400\"]Update Malwarebytes' Anti-Malware[/color] and [color=\"#006400\"]Launch Malwarebytes' Anti-Malware[/color], then click Finish.
After installation, double click on mbam-rules.exe to install the latest updated database
Follow the prompts
Run Malwarebytes Anti-Malware from the shortcut on desktop
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy&Paste the entire report in your next reply

Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.

With that log from MBAM

RSIT.exe

Double click on RSIT.exe to launch program.
Click Continue at the disclaimer screen.
Your firewall may alert you that RSIT is requesting Internet access. Please allow it.
Once it has finished, two logs will open: log.txt[color=\"red\"]<-- this will be maximized[/color] and info.txt[color=\"red\"]<-- this will be minimized[/color].

Post both those logs please

x_breath_x · « **Reply #4 on:** February 14, 2009, 03:42:29 PM »

Ok here area all three logs. i am trying to post the "Log" file but it is not working quite yet. it might be too big to be loaded

Malware Log---

Malwarebytes' Anti-Malware 1.34
Database version: 1736
Windows 5.1.2600 Service Pack 3

2/14/2009 2:34:14 PM
mbam-log-2009-02-14 (14-34-14).txt

Scan type: Quick Scan
Objects scanned: 73163
Time elapsed: 7 minute(s), 4 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Info---

info.txt logfile of random's system information tool 1.05 2009-02-14 14:35:49

======Uninstall list======

-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATI Parental Control & Encoder-->MsiExec.exe /I{9862B19F-4CAD-4EED-920F-2F378D84393F}
AVIVO Codecs-->MsiExec.exe /X{C941F1F1-25B3-4DF5-83E6-888C51A1AAB6}
BitDefender Antivirus 2009-->MsiExec.exe /X{5942839B-DA20-45D4-809C-D4FE5A45387E}
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Camtasia Studio 6-->MsiExec.exe /I{49253DE2-FC99-4BE3-99A4-DAB01A8E6088}
Data Fax SoftModem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1\HXFSETUP.EXE -U -IAsu200Ck.inf
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
iTunes-->MsiExec.exe /I{F5C63795-2708-4D15-BF18-5ABBFF7DFFC8}
Java(tm) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN Toolbar-->MsiExec.exe /I{10C69612-017B-45F5-B986-7D113D5A2EA3}
NVIDIA Drivers-->C:\WINDOWS\System32\nvuide.exe UninstallGUI
NVIDIA ForceWare Network Access Manager-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{1F6423DE-7959-4178-80E0-023C7EAA5347} /l1033
Quick Macros 2-->"C:\Program Files\Quick Macros 2\unins000.exe"
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE

======Security center information======

AV: BitDefender Antivirus

System event log

Computer Name: JOHN-ZFKIQRH62X
Event Code: 6009
Message: Microsoft ® Windows ® 5.01. 2600 Uniprocessor Free.

Record Number: 5
Source Name: EventLog
Time Written: 20090128155713.000000-360
Event Type: information
User:

Computer Name: JOHN-ZFKIQRH62X
Event Code: 60054
Message: Setup successfully installed Windows build 2600.
Record Number: 4
Source Name: Setup
Time Written: 20090128155341.000000-360
Event Type: information
User:

Computer Name: MACHINENAME
Event Code: 6005
Message: The Event log service was started.

Record Number: 3
Source Name: EventLog
Time Written: 20090128074449.000000-360
Event Type: information
User:

Computer Name: MACHINENAME
Event Code: 6009
Message: Microsoft ® Windows ® 5.01. 2600 Uniprocessor Free.

Record Number: 2
Source Name: EventLog
Time Written: 20090128074449.000000-360
Event Type: information
User:

Computer Name: JOHN-ZFKIQRH62X
Event Code: 6011
Message: The NetBIOS name and DNS host name of this machine have been changed from MACHINENAME to JOHN-ZFKIQRH62X.

Record Number: 1
Source Name: EventLog
Time Written: 20090128154844.000000-360
Event Type: information
User:

Application event log

Computer Name: JOHN-ZFKIQRH62X
Event Code: 1000
Message: Performance counters for the MSDTC (MSDTC) service were loaded successfully.
The Record Data contains the new index values assigned
to this service.

Record Number: 5
Source Name: LoadPerf
Time Written: 20090128154949.000000-360
Event Type: information
User:

Computer Name: JOHN-ZFKIQRH62X
Event Code: 1000
Message: Performance counters for the TermService (Terminal Services) service were loaded successfully.
The Record Data contains the new index values assigned
to this service.

Record Number: 4
Source Name: LoadPerf
Time Written: 20090128154946.000000-360
Event Type: information
User:

Computer Name: JOHN-ZFKIQRH62X
Event Code: 1000
Message: Performance counters for the RemoteAccess (Routing and Remote Access) service were loaded successfully.
The Record Data contains the new index values assigned
to this service.

Record Number: 3
Source Name: LoadPerf
Time Written: 20090128154901.000000-360
Event Type: information
User:

Computer Name: JOHN-ZFKIQRH62X
Event Code: 1000
Message: Performance counters for the PSched (PSched) service were loaded successfully.
The Record Data contains the new index values assigned
to this service.

Record Number: 2
Source Name: LoadPerf
Time Written: 20090128154849.000000-360
Event Type: information
User:

Computer Name: JOHN-ZFKIQRH62X
Event Code: 1000
Message: Performance counters for the RSVP (QoS RSVP) service were loaded successfully.
The Record Data contains the new index values assigned
to this service.

Record Number: 1
Source Name: LoadPerf
Time Written: 20090128154849.000000-360
Event Type: information
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 95 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=5f02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------

x_breath_x · « **Reply #5 on:** February 14, 2009, 03:44:02 PM »

Log---

Logfile of random's system information tool 1.05 (written by random/random)
Run by Administrator at 2009-02-14 14:35:42
Microsoft Windows XP Professional Service Pack 3
System drive C: has 106 GB (92%) free of 114 GB
Total RAM: 1022 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:35:46 PM, on 2/14/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\WINDOWS\system32\wuauclt.exe
E:\New Folder\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Administrator.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo.com/config/login_verify...p;pkg=&owd=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Quick Macros] "C:\Program Files\Quick Macros 2\qm.exe" S
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.donutdoors.com
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl.sun.com/webapps/download/AutoDL?BundleId=26688
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. http://www.bitdefender.com - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe

--
End of file - 8088 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-01-28 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
MSN Toolbar Helper - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll [2008-12-04 83800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-28 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-01-28 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28 160496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]
{1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - MSN Toolbar - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll [2008-12-04 83800]
{381FFDE8-2394-4f90-B10D-FC6124A40F8C} - BitDefender Toolbar - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll [2008-11-06 90112]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-02-19 16858112]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-01-28 136600]
"Quick Macros"=C:\Program Files\Quick Macros 2\qm.exe [2006-06-15 1282048]
"BDAgent"=C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe [2009-01-09 741376]
"BitDefender Antiphishing Helper"=C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe [2008-10-17 69632]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-01-06 290088]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-02-11 399504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"Messenger (Yahoo!)"=C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE [2009-01-23 4363504]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Messenger"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-09-29 122880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 241704]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Documents and Settings\Administrator\temp\TeamViewer\Version4\TeamViewer.exe"="C:\Documents and Settings\Administrator\temp\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Documents and Settings\Administrator\temp\TeamViewer3\TeamViewer.exe"="C:\Documents and Settings\Administrator\temp\TeamViewer3\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f50c7a76-ed82-11dd-8eea-001d6053b380}]
shell\AutoRun\command - G:\JDSecure\Windows\JDSecure31.exe

======List of files/folders created in the last 1 months======

2009-02-14 14:35:42 ----D---- C:\rsit
2009-02-14 14:25:41 ----D---- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
2009-02-14 14:25:33 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-02-14 14:25:33 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-02-13 22:45:27 ----D---- C:\Program Files\Trend Micro
2009-02-10 14:04:32 ----A---- C:\WINDOWS\bdagent.INI
2009-02-06 16:38:49 ----A---- C:\WINDOWS\ODBC.INI
2009-02-06 16:38:04 ----D---- C:\Program Files\Microsoft ActiveSync
2009-02-06 16:38:00 ----D---- C:\Program Files\Common Files\DESIGNER
2009-02-06 16:37:42 ----D---- C:\WINDOWS\SHELLNEW
2009-02-06 16:37:41 ----D---- C:\Program Files\Microsoft.NET
2009-02-06 16:37:41 ----D---- C:\Program Files\Microsoft Office
2009-02-01 03:00:35 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2009-02-01 03:00:21 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2009-01-31 11:02:40 ----D---- C:\Documents and Settings\Administrator\Application Data\Mozilla
2009-01-31 11:02:32 ----D---- C:\Program Files\Mozilla Firefox
2009-01-31 10:55:32 ----D---- C:\Program Files\CONEXANT
2009-01-31 01:06:52 ----A---- C:\WINDOWS\system32\wmpns.dll
2009-01-31 01:06:01 ----D---- C:\WINDOWS\Prefetch
2009-01-30 21:51:12 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-01-30 21:51:02 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-01-30 21:50:51 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2009-01-30 21:50:40 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-01-30 21:50:31 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-01-30 21:50:18 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-01-30 21:50:07 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-01-30 21:49:56 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2009-01-30 21:49:46 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-01-30 21:49:35 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-01-30 21:49:25 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-01-30 21:49:14 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2009-01-30 21:49:04 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-01-30 21:48:52 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-01-30 21:48:42 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-01-30 21:48:16 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-01-30 21:48:06 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-01-30 21:47:56 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2009-01-30 21:42:13 ----D---- C:\WINDOWS\system32\scripting
2009-01-30 21:42:10 ----D---- C:\WINDOWS\l2schemas
2009-01-30 21:42:09 ----D---- C:\WINDOWS\system32\en
2009-01-30 21:42:09 ----D---- C:\WINDOWS\system32\bits
2009-01-30 21:37:27 ----D---- C:\WINDOWS\network diagnostic
2009-01-30 21:24:45 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-01-30 21:23:01 ----A---- C:\WINDOWS\system32\MRT.exe
2009-01-29 21:56:01 ----D---- C:\Documents and Settings\Administrator\Application Data\TeamViewer
2009-01-29 10:25:14 ----A---- C:\WINDOWS\system32\tsccvid.dll
2009-01-29 10:25:11 ----D---- C:\WINDOWS\system32\QuickTime
2009-01-29 10:25:03 ----D---- C:\Documents and Settings\All Users\Application Data\TechSmith
2009-01-29 10:24:39 ----D---- C:\Program Files\Common Files\TechSmith Shared
2009-01-29 10:24:35 ----D---- C:\Program Files\TechSmith
2009-01-29 03:04:44 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$
2009-01-29 03:04:15 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$
2009-01-29 03:04:07 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$
2009-01-29 03:03:59 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$
2009-01-29 03:03:51 ----HDC---- C:\WINDOWS\$NtUninstallKB935448$
2009-01-29 03:03:41 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2009-01-29 03:03:23 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2009-01-29 03:02:44 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$
2009-01-29 03:02:35 ----HDC---- C:\WINDOWS\$NtUninstallKB951698_0$
2009-01-29 03:02:27 ----HDC---- C:\WINDOWS\$NtUninstallKB954211_0$
2009-01-29 03:02:07 ----HDC---- C:\WINDOWS\$NtUninstallKB956841_0$
2009-01-29 03:01:58 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-01-29 03:01:51 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$
2009-01-29 03:01:43 ----HDC---- C:\WINDOWS\$NtUninstallKB957097_0$
2009-01-29 03:01:35 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-01-29 03:01:27 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$
2009-01-29 03:01:19 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$
2009-01-29 03:01:10 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$
2009-01-29 03:01:02 ----D---- C:\WINDOWS\ie7updates
2009-01-29 03:00:54 ----HDC---- C:\WINDOWS\$NtUninstallKB938464_0$
2009-01-29 03:00:46 ----HDC---- C:\WINDOWS\$NtUninstallKB954600_0$
2009-01-29 03:00:38 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$
2009-01-29 03:00:30 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$
2009-01-29 03:00:19 ----HDC---- C:\WINDOWS\$NtUninstallKB956802_0$
2009-01-28 19:59:50 ----N---- C:\WINDOWS\system32\xpsp3res.dll
2009-01-28 19:59:46 ----N---- C:\WINDOWS\system32\wmphoto.dll
2009-01-28 19:59:43 ----N---- C:\WINDOWS\system32\wlanapi.dll
2009-01-28 19:59:43 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2009-01-28 19:59:43 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2009-01-28 19:59:41 ----N---- C:\WINDOWS\system32\verclsid.exe
2009-01-28 19:59:39 ----N---- C:\WINDOWS\system32\tspkg.dll
2009-01-28 19:59:39 ----N---- C:\WINDOWS\system32\tsgqec.dll
2009-01-28 19:59:31 ----N---- C:\WINDOWS\system32\setupn.exe
2009-01-28 19:59:29 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2009-01-28 19:59:28 ----N---- C:\WINDOWS\system32\rasqec.dll
2009-01-28 19:59:27 ----N---- C:\WINDOWS\system32\qutil.dll
2009-01-28 19:59:26 ----N---- C:\WINDOWS\system32\qcliprov.dll
2009-01-28 19:59:26 ----N---- C:\WINDOWS\system32\qagentrt.dll
2009-01-28 19:59:26 ----N---- C:\WINDOWS\system32\qagent.dll
2009-01-28 19:59:26 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2009-01-28 19:59:24 ----N---- C:\WINDOWS\system32\onex.dll
2009-01-28 19:59:19 ----N---- C:\WINDOWS\system32\napstat.exe
2009-01-28 19:59:19 ----N---- C:\WINDOWS\system32\napmontr.dll
2009-01-28 19:59:19 ----N---- C:\WINDOWS\system32\napipsec.dll
2009-01-28 19:59:18 ----N---- C:\WINDOWS\system32\msxml6r.dll
2009-01-28 19:59:18 ----N---- C:\WINDOWS\system32\msxml6.dll
2009-01-28 19:59:16 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2009-01-28 19:59:16 ----N---- C:\WINDOWS\system32\mssha.dll
2009-01-28 19:59:06 ----N---- C:\WINDOWS\system32\mmcperf.exe
2009-01-28 19:59:06 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2009-01-28 19:59:05 ----N---- C:\WINDOWS\system32\mmcex.dll
2009-01-28 19:59:05 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2009-01-28 19:58:59 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2009-01-28 19:58:59 ----N---- C:\WINDOWS\system32\kmsvc.dll
2009-01-28 19:58:59 ----N---- C:\WINDOWS\system32\kbdpash.dll
2009-01-28 19:58:59 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2009-01-28 19:58:59 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2009-01-28 19:58:59 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2009-01-28 19:58:53 ----N---- C:\WINDOWS\system32\smtpapi.dll
2009-01-28 19:58:53 ----N---- C:\WINDOWS\system32\rwnh.dll
2009-01-28 19:58:48 ----A---- C:\WINDOWS\005384_.tmp
2009-01-28 19:58:47 ----N---- C:\WINDOWS\system32\eapsvc.dll
2009-01-28 19:58:47 ----N---- C:\WINDOWS\system32\eapqec.dll
2009-01-28 19:58:47 ----N---- C:\WINDOWS\system32\eappprxy.dll
2009-01-28 19:58:47 ----N---- C:\WINDOWS\system32\eapphost.dll
2009-01-28 19:58:47 ----N---- C:\WINDOWS\system32\eappgnui.dll
2009-01-28 19:58:47 ----N---- C:\WINDOWS\system32\eappcfg.dll
2009-01-28 19:58:47 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2009-01-28 19:58:47 ----N---- C:\WINDOWS\system32\eapolqec.dll
2009-01-28 19:58:46 ----N---- C:\WINDOWS\system32\dot3ui.dll
2009-01-28 19:58:46 ----N---- C:\WINDOWS\system32\dot3svc.dll
2009-01-28 19:58:46 ----N---- C:\WINDOWS\system32\dot3msm.dll
2009-01-28 19:58:46 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2009-01-28 19:58:46 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2009-01-28 19:58:46 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2009-01-28 19:58:46 ----N---- C:\WINDOWS\system32\dot3api.dll
2009-01-28 19:58:46 ----N---- C:\WINDOWS\system32\dimsroam.dll
2009-01-28 19:58:46 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2009-01-28 19:58:45 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2009-01-28 19:58:45 ----N---- C:\WINDOWS\system32\credssp.dll
2009-01-28 19:58:44 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2009-01-28 19:58:44 ----N---- C:\WINDOWS\system32\azroles.dll
2009-01-28 19:58:41 ----N---- C:\WINDOWS\system32\aaclient.dll
2009-01-28 19:45:41 ----D---- C:\WINDOWS\system32\PreInstall
2009-01-28 19:45:40 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2009-01-28 19:35:21 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-01-28 16:59:57 ----D---- C:\Documents and Settings\Administrator\Application Data\Apple Computer
2009-01-28 16:59:48 ----A---- C:\WINDOWS\system32\GEARAspi.dll
2009-01-28 16:59:26 ----D---- C:\Program Files\iPod
2009-01-28 16:59:23 ----D---- C:\Program Files\iTunes
2009-01-28 16:59:23 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-01-28 16:59:10 ----D---- C:\Program Files\Bonjour
2009-01-28 16:58:34 ----D---- C:\Program Files\QuickTime
2009-01-28 16:58:32 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2009-01-28 16:58:20 ----D---- C:\Program Files\Apple Software Update
2009-01-28 16:58:15 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-01-28 16:57:52 ----D---- C:\Program Files\Common Files\Apple
2009-01-28 16:57:52 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2009-01-28 16:01:35 ----D---- C:\Documents and Settings\Administrator\Application Data\InstallShield
2009-01-28 16:01:15 ----D---- C:\NVIDIA
2009-01-28 15:57:34 ----SHD---- C:\WINDOWS\Installer
2009-01-28 15:57:32 ----D---- C:\Documents and Settings\Administrator\Application Data\Identities
2009-01-28 15:57:26 ----HD---- C:\Program Files\Uninstall Information
2009-01-28 15:57:23 ----ASH---- C:\Documents and Settings\Administrator\Application Data\desktop.ini
2009-01-28 15:57:22 ----SD---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2009-01-28 15:57:16 ----SHD---- C:\System Volume Information
2009-01-28 15:57:15 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-01-28 15:52:12 ----D---- C:\WINDOWS\system32\xircom
2009-01-28 15:52:12 ----D---- C:\Program Files\xerox
2009-01-28 15:52:12 ----D---- C:\Program Files\microsoft frontpage
2009-01-28 15:52:01 ----A---- C:\WINDOWS\control.ini
2009-01-28 15:52:01 ----A---- C:\AUTOEXEC.BAT
2009-01-28 15:51:57 ----A---- C:\WINDOWS\OEWABLog.txt
2009-01-28 15:51:54 ----A---- C:\WINDOWS\system32\mapi32.dll
2009-01-28 15:51:20 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-01-28 15:51:20 ----RD---- C:\WINDOWS\Offline Web Pages
2009-01-28 15:51:20 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2009-01-28 15:51:16 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-01-28 15:51:13 ----D---- C:\Documents and Settings\Administrator\Application Data\Adobe
2009-01-28 15:51:06 ----D---- C:\WINDOWS\srchasst
2009-01-28 15:51:01 ----D---- C:\WINDOWS\system32\Macromed
2009-01-28 15:51:01 ----D---- C:\WINDOWS\system32\DirectX
2009-01-28 15:50:53 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2009-01-28 15:50:53 ----A---- C:\WINDOWS\system32\qmgr.dll
2009-01-28 15:50:52 ----D---- C:\Program Files\Movie Maker
2009-01-28 15:50:40 ----A---- C:\WINDOWS\system32\safrslv.dll
2009-01-28 15:50:40 ----A---- C:\WINDOWS\system32\safrdm.dll
2009-01-28 15:50:40 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2009-01-28 15:50:40 ----A---- C:\WINDOWS\system32\racpldlg.dll
2009-01-28 15:50:39 ----A---- C:\WINDOWS\system32\atrace.dll
2009-01-28 15:50:37 ----A---- C:\WINDOWS\system32\desktop.ini
2009-01-28 15:50:36 ----A---- C:\WINDOWS\desktop.ini
2009-01-28 15:50:32 ----D---- C:\WINDOWS\system32\Restore
2009-01-28 15:50:32 ----A---- C:\WINDOWS\system32\srsvc.dll
2009-01-28 15:50:32 ----A---- C:\WINDOWS\system32\srrstr.dll
2009-01-28 15:50:31 ----D---- C:\Program Files\Windows Media Player
2009-01-28 15:50:31 ----A---- C:\WINDOWS\system32\srclient.dll
2009-01-28 15:50:31 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2009-01-28 15:50:31 ----A---- C:\WINDOWS\system32\ils.dll
2009-01-28 15:50:30 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2009-01-28 15:50:30 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2009-01-28 15:50:30 ----A---- C:\WINDOWS\system32\msconf.dll
2009-01-28 15:50:30 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2009-01-28 15:50:30 ----A---- C:\WINDOWS\system32\mnmdd.dll
2009-01-28 15:50:28 ----D---- C:\WINDOWS\PCHEALTH
2009-01-28 15:50:28 ----D---- C:\Program Files\NetMeeting
2009-01-28 15:50:28 ----A---- C:\WINDOWS\system32\msoert2.dll
2009-01-28 15:50:27 ----D---- C:\Program Files\Common Files\Services

x_breath_x · « **Reply #6 on:** February 14, 2009, 03:45:24 PM »

continuing from last post.

2009-01-28 15:50:27 ----A---- C:\WINDOWS\system32\msoeacct.dll
2009-01-28 15:50:27 ----A---- C:\WINDOWS\system32\acctres.dll
2009-01-28 15:50:26 ----A---- C:\WINDOWS\system32\inetres.dll
2009-01-28 15:50:26 ----A---- C:\WINDOWS\system32\inetcomm.dll
2009-01-28 15:50:23 ----SD---- C:\WINDOWS\Tasks
2009-01-28 15:50:23 ----D---- C:\Program Files\Outlook Express
2009-01-28 15:50:23 ----A---- C:\WINDOWS\system32\schedsvc.dll
2009-01-28 15:50:23 ----A---- C:\WINDOWS\system32\mstinit.exe
2009-01-28 15:50:23 ----A---- C:\WINDOWS\system32\mstask.dll
2009-01-28 15:50:23 ----A---- C:\WINDOWS\system32\isign32.dll
2009-01-28 15:50:23 ----A---- C:\WINDOWS\system32\inetcfg.dll
2009-01-28 15:50:23 ----A---- C:\WINDOWS\system32\icwphbk.dll
2009-01-28 15:50:23 ----A---- C:\WINDOWS\system32\icwdial.dll
2009-01-28 15:50:23 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2009-01-28 15:50:21 ----D---- C:\Program Files\Common Files\MSSoap
2009-01-28 15:50:18 ----D---- C:\Program Files\Common Files\System
2009-01-28 15:50:16 ----D---- C:\Program Files\Internet Explorer
2009-01-28 15:49:55 ----D---- C:\Program Files\ComPlus Applications
2009-01-28 15:49:54 ----A---- C:\WINDOWS\vbaddin.ini
2009-01-28 15:49:54 ----A---- C:\WINDOWS\vb.ini
2009-01-28 15:49:51 ----D---- C:\WINDOWS\Registration
2009-01-28 15:49:47 ----HD---- C:\Program Files\WindowsUpdate
2009-01-28 15:49:46 ----D---- C:\Program Files\Online Services
2009-01-28 15:49:43 ----D---- C:\Program Files\Messenger
2009-01-28 15:49:38 ----D---- C:\Program Files\MSN
2009-01-28 15:49:36 ----D---- C:\Program Files\MSN Gaming Zone
2009-01-28 15:49:36 ----A---- C:\WINDOWS\system32\write.exe
2009-01-28 15:49:29 ----A---- C:\WINDOWS\system32\sndvol32.exe
2009-01-28 15:49:29 ----A---- C:\WINDOWS\system32\sndrec32.exe
2009-01-28 15:49:29 ----A---- C:\WINDOWS\system32\mplay32.exe
2009-01-28 15:49:29 ----A---- C:\WINDOWS\system32\accwiz.exe
2009-01-28 15:49:28 ----D---- C:\Program Files\Windows NT
2009-01-28 15:49:28 ----A---- C:\WINDOWS\system32\winchat.exe
2009-01-28 15:49:28 ----A---- C:\WINDOWS\system32\hypertrm.dll
2009-01-28 15:49:28 ----A---- C:\WINDOWS\system32\hticons.dll
2009-01-28 15:49:28 ----A---- C:\WINDOWS\system32\avwav.dll
2009-01-28 15:49:28 ----A---- C:\WINDOWS\system32\avtapi.dll
2009-01-28 15:49:28 ----A---- C:\WINDOWS\system32\avmeter.dll
2009-01-28 15:49:27 ----A---- C:\WINDOWS\system32\mspaint.exe
2009-01-28 15:49:23 ----A---- C:\WINDOWS\system32\getuname.dll
2009-01-28 15:49:23 ----A---- C:\WINDOWS\system32\clipbrd.exe
2009-01-28 15:49:22 ----A---- C:\WINDOWS\system32\winmine.exe
2009-01-28 15:49:22 ----A---- C:\WINDOWS\system32\spider.exe
2009-01-28 15:49:22 ----A---- C:\WINDOWS\system32\sol.exe
2009-01-28 15:49:22 ----A---- C:\WINDOWS\system32\charmap.exe
2009-01-28 15:49:22 ----A---- C:\WINDOWS\system32\calc.exe
2009-01-28 15:49:21 ----A---- C:\WINDOWS\system32\wuauserv.dll
2009-01-28 15:49:21 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-01-28 15:49:21 ----A---- C:\WINDOWS\system32\wuauclt.exe
2009-01-28 15:49:21 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2009-01-28 15:49:21 ----A---- C:\WINDOWS\system32\mshearts.exe
2009-01-28 15:49:21 ----A---- C:\WINDOWS\system32\freecell.exe
2009-01-28 15:49:20 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2009-01-28 15:49:20 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2009-01-28 15:49:20 ----A---- C:\WINDOWS\system32\tslabels.ini
2009-01-28 15:49:20 ----A---- C:\WINDOWS\system32\tskill.exe
2009-01-28 15:49:20 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2009-01-28 15:49:20 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2009-01-28 15:49:20 ----A---- C:\WINDOWS\system32\tscon.exe
2009-01-28 15:49:20 ----A---- C:\WINDOWS\system32\termsrv.dll
2009-01-28 15:49:20 ----A---- C:\WINDOWS\system32\shadow.exe
2009-01-28 15:49:20 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-01-28 15:49:20 ----A---- C:\WINDOWS\system32\rwinsta.exe
2009-01-28 15:49:20 ----A---- C:\WINDOWS\system32\reset.exe
2009-01-28 15:49:20 ----A---- C:\WINDOWS\system32\remotepg.dll
2009-01-28 15:49:20 ----A---- C:\WINDOWS\system32\rdshost.exe
2009-01-28 15:49:20 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2009-01-28 15:49:20 ----A---- C:\WINDOWS\system32\rdchost.dll
2009-01-28 15:49:20 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-01-28 15:49:20 ----A---- C:\WINDOWS\system32\mstsc.exe
2009-01-28 15:49:19 ----D---- C:\WINDOWS\system32\MsDtc
2009-01-28 15:49:19 ----A---- C:\WINDOWS\system32\regini.exe
2009-01-28 15:49:19 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2009-01-28 15:49:19 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2009-01-28 15:49:19 ----A---- C:\WINDOWS\system32\rdpclip.exe
2009-01-28 15:49:19 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2009-01-28 15:49:19 ----A---- C:\WINDOWS\system32\qwinsta.exe
2009-01-28 15:49:19 ----A---- C:\WINDOWS\system32\qprocess.exe
2009-01-28 15:49:19 ----A---- C:\WINDOWS\system32\qappsrv.exe
2009-01-28 15:49:19 ----A---- C:\WINDOWS\system32\msg.exe
2009-01-28 15:49:19 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2009-01-28 15:49:19 ----A---- C:\WINDOWS\system32\logoff.exe
2009-01-28 15:49:19 ----A---- C:\WINDOWS\system32\icaapi.dll
2009-01-28 15:49:19 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2009-01-28 15:49:19 ----A---- C:\WINDOWS\system32\cdmodem.dll
2009-01-28 15:49:18 ----A---- C:\WINDOWS\system32\xolehlp.dll
2009-01-28 15:49:18 ----A---- C:\WINDOWS\system32\mtxoci.dll
2009-01-28 15:49:18 ----A---- C:\WINDOWS\system32\msdtctm.dll
2009-01-28 15:49:18 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2009-01-28 15:49:18 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2009-01-28 15:49:18 ----A---- C:\WINDOWS\system32\msdtclog.dll
2009-01-28 15:49:18 ----A---- C:\WINDOWS\system32\msdtc.exe
2009-01-28 15:49:17 ----D---- C:\WINDOWS\system32\Com
2009-01-28 15:49:17 ----A---- C:\WINDOWS\system32\stclient.dll
2009-01-28 15:49:17 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2009-01-28 15:49:17 ----A---- C:\WINDOWS\system32\mtxex.dll
2009-01-28 15:49:17 ----A---- C:\WINDOWS\system32\mtxdm.dll
2009-01-28 15:49:17 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2009-01-28 15:49:17 ----A---- C:\WINDOWS\system32\comrepl.dll
2009-01-28 15:49:17 ----A---- C:\WINDOWS\system32\comaddin.dll
2009-01-28 15:49:17 ----A---- C:\WINDOWS\system32\colbact.dll
2009-01-28 15:49:16 ----A---- C:\WINDOWS\system32\comuid.dll
2009-01-28 15:49:16 ----A---- C:\WINDOWS\system32\comsvcs.dll
2009-01-28 15:49:16 ----A---- C:\WINDOWS\system32\comsnap.dll
2009-01-28 15:49:16 ----A---- C:\WINDOWS\system32\clbcatq.dll
2009-01-28 15:49:16 ----A---- C:\WINDOWS\system32\clbcatex.dll
2009-01-28 15:49:16 ----A---- C:\WINDOWS\system32\catsrvut.dll
2009-01-28 15:49:16 ----A---- C:\WINDOWS\system32\catsrvps.dll
2009-01-28 15:49:16 ----A---- C:\WINDOWS\system32\catsrv.dll
2009-01-28 15:49:08 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2009-01-28 15:49:08 ----A---- C:\WINDOWS\system32\servdeps.dll
2009-01-28 15:49:08 ----A---- C:\WINDOWS\system32\mmfutil.dll
2009-01-28 15:49:08 ----A---- C:\WINDOWS\system32\licwmi.dll
2009-01-28 15:49:08 ----A---- C:\WINDOWS\system32\cmprops.dll
2009-01-28 15:28:04 ----D---- C:\WINDOWS\WBEM
2009-01-28 15:28:03 ----D---- C:\WINDOWS\system32\en-US
2009-01-28 15:27:43 ----HDC---- C:\WINDOWS\ie7
2009-01-28 15:27:29 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2009-01-28 15:27:10 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2009-01-28 15:26:46 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-01-28 15:26:43 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
2009-01-28 15:26:43 ----HD---- C:\WINDOWS\$hf_mig$
2009-01-28 15:26:39 ----A---- C:\WINDOWS\system32\xmllite.dll
2009-01-28 15:02:12 ----D---- C:\Documents and Settings\Administrator\Application Data\BitDefender
2009-01-28 15:01:55 ----D---- C:\Program Files\BitDefender
2009-01-28 15:01:55 ----D---- C:\Documents and Settings\All Users\Application Data\BitDefender
2009-01-28 15:01:29 ----D---- C:\Program Files\Common Files\BitDefender
2009-01-28 14:59:47 ----D---- C:\Program Files\Quick Macros 2
2009-01-28 14:59:47 ----D---- C:\Documents and Settings\All Users\Application Data\GinDi
2009-01-28 14:59:30 ----D---- C:\WINDOWS\Sun
2009-01-28 14:59:14 ----A---- C:\WINDOWS\system32\javaws.exe
2009-01-28 14:59:14 ----A---- C:\WINDOWS\system32\javaw.exe
2009-01-28 14:59:14 ----A---- C:\WINDOWS\system32\java.exe
2009-01-28 14:59:14 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-01-28 14:59:00 ----D---- C:\Program Files\Java
2009-01-28 14:58:32 ----D---- C:\Documents and Settings\Administrator\Application Data\Sun
2009-01-28 14:57:43 ----D---- C:\Documents and Settings\Administrator\Application Data\Macromedia
2009-01-28 14:56:46 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2009-01-28 14:56:46 ----D---- C:\Documents and Settings\Administrator\Application Data\Yahoo!
2009-01-28 14:56:20 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo!
2009-01-28 14:56:19 ----D---- C:\Program Files\Yahoo!
2009-01-28 14:48:15 ----D---- C:\WINDOWS\system32\Lang
2009-01-28 14:45:38 ----A---- C:\WINDOWS\SkyTel.exe
2009-01-28 14:45:37 ----A---- C:\WINDOWS\system32\ChCfg.exe
2009-01-28 14:45:24 ----D---- C:\WINDOWS\system32\RTCOM
2009-01-28 14:45:22 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-01-28 14:44:59 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
2009-01-28 14:44:57 ----A---- C:\WINDOWS\SoundMan.exe
2009-01-28 14:44:55 ----A---- C:\WINDOWS\RtlUpd.exe
2009-01-28 14:44:54 ----A---- C:\WINDOWS\RTLCPL.exe
2009-01-28 14:44:52 ----A---- C:\WINDOWS\RTHDCPL.exe
2009-01-28 14:44:51 ----A---- C:\WINDOWS\MicCal.exe
2009-01-28 14:44:51 ----A---- C:\WINDOWS\alcwzrd.exe
2009-01-28 14:44:51 ----A---- C:\WINDOWS\Alcmtr.exe
2009-01-28 14:44:50 ----D---- C:\Program Files\Realtek
2009-01-28 14:44:49 ----A---- C:\WINDOWS\RtlExUpd.dll
2009-01-28 14:44:49 ----A---- C:\WINDOWS\HideWin.exe
2009-01-28 14:43:53 ----D---- C:\Documents and Settings\Administrator\Application Data\ATI
2009-01-28 14:38:30 ----D---- C:\Program Files\Common Files\ATI Technologies
2009-01-28 14:36:47 ----RSD---- C:\WINDOWS\assembly
2009-01-28 14:36:27 ----D---- C:\WINDOWS\Microsoft.NET
2009-01-28 14:36:06 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2009-01-28 14:35:51 ----N---- C:\WINDOWS\system32\ati2sgag.exe
2009-01-28 14:35:24 ----D---- C:\Program Files\ATI Technologies
2009-01-28 14:34:32 ----D---- C:\AMD
2009-01-28 14:33:27 ----D---- C:\Diamond
2009-01-28 14:31:36 ----D---- C:\WINDOWS\SoftwareDistribution
2009-01-28 14:31:32 ----SD---- C:\WINDOWS\system32\Microsoft
2009-01-28 14:24:14 ----N---- C:\WINDOWS\system32\spiisupd.exe
2009-01-28 14:24:14 ----N---- C:\WINDOWS\system32\comsdupd.exe
2009-01-28 14:24:14 ----N---- C:\WINDOWS\system32\asr_pfu.exe
2009-01-28 14:24:12 ----N---- C:\WINDOWS\system32\bthci.dll
2009-01-28 14:24:12 ----N---- C:\WINDOWS\system32\blastcln.exe
2009-01-28 14:24:12 ----N---- C:\WINDOWS\system32\bitsprx3.dll
2009-01-28 14:24:12 ----N---- C:\WINDOWS\system32\bitsprx2.dll
2009-01-28 14:24:12 ----N---- C:\WINDOWS\system32\auditusr.exe
2009-01-28 14:24:12 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2009-01-28 14:24:12 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2009-01-28 14:24:12 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2009-01-28 14:24:12 ----A---- C:\WINDOWS\system32\ativvaxx.dll
2009-01-28 14:24:12 ----A---- C:\WINDOWS\system32\ati3duag.dll
2009-01-28 14:24:12 ----A---- C:\WINDOWS\system32\ati2dvag.dll
2009-01-28 14:24:12 ----A---- C:\WINDOWS\system32\ati2cqag.dll
2009-01-28 14:24:11 ----N---- C:\WINDOWS\system32\kbdmlt47.dll
2009-01-28 14:24:11 ----N---- C:\WINDOWS\system32\kbdmaori.dll
2009-01-28 14:24:11 ----N---- C:\WINDOWS\system32\kbdinmal.dll
2009-01-28 14:24:11 ----N---- C:\WINDOWS\system32\kbdinben.dll
2009-01-28 14:24:11 ----N---- C:\WINDOWS\system32\kbdinbe1.dll
2009-01-28 14:24:11 ----N---- C:\WINDOWS\system32\kbdfi1.dll
2009-01-28 14:24:11 ----N---- C:\WINDOWS\system32\httpapi.dll
2009-01-28 14:24:11 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2009-01-28 14:24:11 ----N---- C:\WINDOWS\system32\hccoin.dll
2009-01-28 14:24:11 ----N---- C:\WINDOWS\system32\fwcfg.dll
2009-01-28 14:24:11 ----N---- C:\WINDOWS\system32\fsquirt.exe
2009-01-28 14:24:11 ----N---- C:\WINDOWS\system32\fltmc.exe
2009-01-28 14:24:11 ----N---- C:\WINDOWS\system32\encdec.dll
2009-01-28 14:24:11 ----N---- C:\WINDOWS\system32\encapi.dll
2009-01-28 14:24:11 ----N---- C:\WINDOWS\system32\dxdiagn.dll
2009-01-28 14:24:11 ----N---- C:\WINDOWS\system32\dsprpres.dll
2009-01-28 14:24:11 ----N---- C:\WINDOWS\system32\cmsetacl.dll
2009-01-28 14:24:11 ----N---- C:\WINDOWS\system32\btpanui.dll
2009-01-28 14:24:11 ----N---- C:\WINDOWS\system32\bthserv.dll
2009-01-28 14:24:11 ----A---- C:\WINDOWS\system32\ieencode.dll
2009-01-28 14:24:11 ----A---- C:\WINDOWS\system32\fltlib.dll
2009-01-28 14:24:11 ----A---- C:\WINDOWS\system32\extmgr.dll
2009-01-28 14:24:11 ----A---- C:\WINDOWS\system32\d3d9.dll
2009-01-28 14:24:10 ----N---- C:\WINDOWS\system32\p2pnetsh.dll
2009-01-28 14:24:10 ----N---- C:\WINDOWS\system32\p2pgraph.dll
2009-01-28 14:24:10 ----N---- C:\WINDOWS\system32\p2pgasvc.dll
2009-01-28 14:24:10 ----N---- C:\WINDOWS\system32\p2p.dll
2009-01-28 14:24:10 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2009-01-28 14:24:10 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2009-01-28 14:24:10 ----N---- C:\WINDOWS\system32\mssap.dll
2009-01-28 14:24:10 ----N---- C:\WINDOWS\system32\mspmsnsv.dll
2009-01-28 14:24:10 ----N---- C:\WINDOWS\system32\msftedit.dll
2009-01-28 14:24:10 ----N---- C:\WINDOWS\system32\msdadiag.dll
2009-01-28 14:24:10 ----N---- C:\WINDOWS\system32\mp4sdmod.dll
2009-01-28 14:24:10 ----N---- C:\WINDOWS\system32\mp43dmod.dll
2009-01-28 14:24:10 ----N---- C:\WINDOWS\system32\kbdukx.dll
2009-01-28 14:24:10 ----N---- C:\WINDOWS\system32\kbdsmsno.dll
2009-01-28 14:24:10 ----N---- C:\WINDOWS\system32\kbdsmsfi.dll
2009-01-28 14:24:10 ----N---- C:\WINDOWS\system32\kbdno1.dll
2009-01-28 14:24:10 ----N---- C:\WINDOWS\system32\kbdmlt48.dll
2009-01-28 14:24:10 ----A---- C:\WINDOWS\system32\mdmxsdk.dll
2009-01-28 14:24:09 ----N---- C:\WINDOWS\system32\wmpdxm.dll
2009-01-28 14:24:09 ----N---- C:\WINDOWS\system32\wmpasf.dll
2009-01-28 14:24:09 ----N---- C:\WINDOWS\system32\wmidx.dll
2009-01-28 14:24:09 ----N---- C:\WINDOWS\system32\wmerror.dll
2009-01-28 14:24:09 ----N---- C:\WINDOWS\system32\winshfhc.dll
2009-01-28 14:24:09 ----N---- C:\WINDOWS\system32\winbrand.dll
2009-01-28 14:24:09 ----N---- C:\WINDOWS\system32\w3ssl.dll
2009-01-28 14:24:09 ----N---- C:\WINDOWS\system32\twext.dll
2009-01-28 14:24:09 ----N---- C:\WINDOWS\system32\strmfilt.dll
2009-01-28 14:24:09 ----N---- C:\WINDOWS\system32\smbinst.exe
2009-01-28 14:24:09 ----N---- C:\WINDOWS\system32\slserv.exe
2009-01-28 14:24:09 ----N---- C:\WINDOWS\system32\slrundll.exe
2009-01-28 14:24:09 ----N---- C:\WINDOWS\system32\slgen.dll
2009-01-28 14:24:09 ----N---- C:\WINDOWS\system32\slextspk.dll
2009-01-28 14:24:09 ----N---- C:\WINDOWS\system32\slcoinst.dll
2009-01-28 14:24:09 ----N---- C:\WINDOWS\system32\sdhcinst.dll
2009-01-28 14:24:09 ----N---- C:\WINDOWS\system32\sbeio.dll
2009-01-28 14:24:09 ----N---- C:\WINDOWS\system32\sbe.dll
2009-01-28 14:24:09 ----N---- C:\WINDOWS\system32\s3gnb.dll
2009-01-28 14:24:09 ----N---- C:\WINDOWS\system32\powercfg.exe

x_breath_x · « **Reply #7 on:** February 14, 2009, 03:48:33 PM »

ok something in the text that i keep trying to post will now allow me to post it. so i uploaded it for you.

Here is the link for the file you uploaded:
http://www.yousendit.com/download/U0d5ZEV5d0k4NVZMWEE9PQ

guestolo · « **Reply #8 on:** February 14, 2009, 11:53:08 PM »

Can you post the contents of info.txt
A copy of it can be found in the following folder

C:\rsit

In addition, you said this earlier

Quote

i think if you cant find anything wrong ill go get a new ethernet cable and try it.

How is your other computer connected to the Internet?
By cable or wirelessly?

x_breath_x · « **Reply #9 on:** February 15, 2009, 02:21:39 PM »

Well i have a router to keep this computer and the other computer online, however with the internet problem the router wont work for both, so i was trying to plug internet in directly to the other computer with a modem, but seeing that that way does not work i just plug this computer in through modem, and the contents for info.txt i did post, something isnt letting me copy and paste them so i send them to you on a link.

http://www.yousendit.com/download/U0d5ZEV5d0k4NVZMWEE9PQ

if you can not see that link then try removing the spaces from this.

htt p://www .yousendit.com/download/U0d5ZEV5d0k4NVZMWEE9PQ

guestolo · « **Reply #10 on:** February 15, 2009, 02:55:04 PM »

Quote

and the contents for info.txt i did post

No, you keep posting the contents of Log.txt

Remember the instructions:

Quote

Once it has finished, two logs will open: log.txt<-- this will be maximized and info.txt<-- this will be minimized.

Go back to C:\rsit folder
See if there is a file called info.txt and post the contents please

x_breath_x · « **Reply #11 on:** February 15, 2009, 03:06:42 PM »

info.txt logfile of random's system information tool 1.05 2009-02-14 14:35:49

======Uninstall list======

-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATI Parental Control & Encoder-->MsiExec.exe /I{9862B19F-4CAD-4EED-920F-2F378D84393F}
AVIVO Codecs-->MsiExec.exe /X{C941F1F1-25B3-4DF5-83E6-888C51A1AAB6}
BitDefender Antivirus 2009-->MsiExec.exe /X{5942839B-DA20-45D4-809C-D4FE5A45387E}
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Camtasia Studio 6-->MsiExec.exe /I{49253DE2-FC99-4BE3-99A4-DAB01A8E6088}
Data Fax SoftModem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1\HXFSETUP.EXE -U -IAsu200Ck.inf
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
iTunes-->MsiExec.exe /I{F5C63795-2708-4D15-BF18-5ABBFF7DFFC8}
Java(tm) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN Toolbar-->MsiExec.exe /I{10C69612-017B-45F5-B986-7D113D5A2EA3}
NVIDIA Drivers-->C:\WINDOWS\System32\nvuide.exe UninstallGUI
NVIDIA ForceWare Network Access Manager-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{1F6423DE-7959-4178-80E0-023C7EAA5347} /l1033
Quick Macros 2-->"C:\Program Files\Quick Macros 2\unins000.exe"
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE

======Security center information======

AV: BitDefender Antivirus

System event log

Computer Name: JOHN-ZFKIQRH62X
Event Code: 6009
Message: Microsoft ® Windows ® 5.01. 2600 Uniprocessor Free.

Record Number: 5
Source Name: EventLog
Time Written: 20090128155713.000000-360
Event Type: information
User:

Computer Name: JOHN-ZFKIQRH62X
Event Code: 60054
Message: Setup successfully installed Windows build 2600.
Record Number: 4
Source Name: Setup
Time Written: 20090128155341.000000-360
Event Type: information
User:

Computer Name: MACHINENAME
Event Code: 6005
Message: The Event log service was started.

Record Number: 3
Source Name: EventLog
Time Written: 20090128074449.000000-360
Event Type: information
User:

Computer Name: MACHINENAME
Event Code: 6009
Message: Microsoft ® Windows ® 5.01. 2600 Uniprocessor Free.

Record Number: 2
Source Name: EventLog
Time Written: 20090128074449.000000-360
Event Type: information
User:

Computer Name: JOHN-ZFKIQRH62X
Event Code: 6011
Message: The NetBIOS name and DNS host name of this machine have been changed from MACHINENAME to JOHN-ZFKIQRH62X.

Record Number: 1
Source Name: EventLog
Time Written: 20090128154844.000000-360
Event Type: information
User:

Application event log

Computer Name: JOHN-ZFKIQRH62X
Event Code: 1000
Message: Performance counters for the MSDTC (MSDTC) service were loaded successfully.
The Record Data contains the new index values assigned
to this service.

Record Number: 5
Source Name: LoadPerf
Time Written: 20090128154949.000000-360
Event Type: information
User:

Computer Name: JOHN-ZFKIQRH62X
Event Code: 1000
Message: Performance counters for the TermService (Terminal Services) service were loaded successfully.
The Record Data contains the new index values assigned
to this service.

Record Number: 4
Source Name: LoadPerf
Time Written: 20090128154946.000000-360
Event Type: information
User:

Computer Name: JOHN-ZFKIQRH62X
Event Code: 1000
Message: Performance counters for the RemoteAccess (Routing and Remote Access) service were loaded successfully.
The Record Data contains the new index values assigned
to this service.

Record Number: 3
Source Name: LoadPerf
Time Written: 20090128154901.000000-360
Event Type: information
User:

Computer Name: JOHN-ZFKIQRH62X
Event Code: 1000
Message: Performance counters for the PSched (PSched) service were loaded successfully.
The Record Data contains the new index values assigned
to this service.

Record Number: 2
Source Name: LoadPerf
Time Written: 20090128154849.000000-360
Event Type: information
User:

Computer Name: JOHN-ZFKIQRH62X
Event Code: 1000
Message: Performance counters for the RSVP (QoS RSVP) service were loaded successfully.
The Record Data contains the new index values assigned
to this service.

Record Number: 1
Source Name: LoadPerf
Time Written: 20090128154849.000000-360
Event Type: information
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 95 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=5f02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------

guestolo · « **Reply #12 on:** February 15, 2009, 03:10:58 PM »

How long has this computer been offline?
Just recently
Did you add any new software or driver updates?

x_breath_x · « **Reply #13 on:** February 15, 2009, 03:47:01 PM »

no i dont believe so, all i did as far as internet connection goes is install a ethernet driver that you gave me to install to it from now on, and thats it, every time i reformat i install it, this just started happening for some reason, its been a while since i have tried using internet on it.

guestolo · « **Reply #14 on:** February 16, 2009, 08:51:02 AM »

Did you try going back to a System Restore Point previous to losing Internet connection?

TheTechGuide Forum

News:

Author Topic: Internet help please (Read 397 times)

x_breath_x

Internet help please

guestolo

Internet help please

x_breath_x

Internet help please

guestolo

Internet help please

x_breath_x

Internet help please

x_breath_x

Internet help please

x_breath_x

Internet help please

x_breath_x

Internet help please

guestolo

Internet help please

x_breath_x

Internet help please

guestolo

Internet help please

x_breath_x

Internet help please

guestolo

Internet help please

x_breath_x

Internet help please

guestolo

Internet help please